Route Origin Authorization
$ rpki-client -vvf rpki.zappiehost.com/repo/ZAPPIE-RPKI/2/AS202952.roa
File: AS202952.roa (raw, json)
Hash identifier: XZCq9wc4XvoUKDM+RB2WtL6V4CrTn3bh2UUbhpchv4U=
Subject key identifier: 46:4D:DD:1C:20:22:2A:58:38:17:8E:CD:E3:4A:22:AB:0C:1B:E5:F9
Certificate issuer: /CN=abdbfabaf201e2bb85b9edb4d643594ac30bbfe2
Certificate serial: 2AC597BAEF80FBF34DE7372535D2F3313C8F20A4
Authority key identifier: AB:DB:FA:BA:F2:01:E2:BB:85:B9:ED:B4:D6:43:59:4A:C3:0B:BF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q9v6uvIB4ruFue201kNZSsMLv-I.cer
Subject info access: rsync://rpki.zappiehost.com/repo/ZAPPIE-RPKI/2/AS202952.roa
Signing time: Wed 21 Dec 2022 16:56:54 +0000
ROA not before: Wed 21 Dec 2022 16:51:54 +0000
ROA not after: Wed 20 Dec 2023 16:56:54 +0000
asID: 202952
IP address blocks: 2a06:a005:1b90::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:c5:97:ba:ef:80:fb:f3:4d:e7:37:25:35:d2:f3:31:3c:8f:20:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abdbfabaf201e2bb85b9edb4d643594ac30bbfe2
Validity
Not Before: Dec 21 16:51:54 2022 GMT
Not After : Dec 20 16:56:54 2023 GMT
Subject: CN=464DDD1C20222A5838178ECDE34A22AB0C1BE5F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b9:a3:af:8f:15:c7:0b:3f:e3:10:72:c6:4e:
dc:af:41:d6:61:10:fb:d1:35:f7:8b:e2:b7:2d:a9:
08:71:f9:a1:d0:3d:af:38:ee:3a:b6:3d:c7:2a:18:
6d:e8:35:2d:70:29:4b:5c:c1:ca:1c:2d:39:a5:3e:
e5:e6:2a:fc:02:e9:a6:db:6c:38:60:a9:50:ed:8d:
b8:f7:86:f1:e6:06:1c:0b:db:fd:c5:84:35:44:8d:
bc:bc:5c:22:a8:7f:5b:2f:8c:9e:c8:d9:ab:50:b7:
65:7b:80:43:b9:7e:6a:cd:28:9d:cc:72:03:e4:40:
6b:ba:06:eb:ae:39:b3:11:b0:e1:91:2c:1a:f6:a1:
30:f7:fd:ea:e3:4c:8c:5b:76:df:19:74:aa:d3:75:
f4:d0:13:1e:e9:b5:88:ab:e8:c7:83:59:31:da:89:
ac:a5:da:68:f1:07:1e:8b:96:03:f3:3a:9a:51:ce:
94:df:6d:11:e1:bc:00:8d:a0:57:ce:62:f7:9c:74:
c6:d4:b6:70:e7:09:2c:ba:f8:f3:42:7c:e6:1a:91:
66:98:f1:f4:14:ff:5c:41:1c:4d:68:19:34:a6:e7:
f8:53:3e:4c:fd:42:74:ad:54:7d:fb:da:75:23:64:
bd:a6:8b:f3:ec:56:a9:ba:22:2c:73:7a:b6:1f:e4:
28:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:4D:DD:1C:20:22:2A:58:38:17:8E:CD:E3:4A:22:AB:0C:1B:E5:F9
X509v3 Authority Key Identifier:
keyid:AB:DB:FA:BA:F2:01:E2:BB:85:B9:ED:B4:D6:43:59:4A:C3:0B:BF:E2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.zappiehost.com/repo/ZAPPIE-RPKI/2/ABDBFABAF201E2BB85B9EDB4D643594AC30BBFE2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q9v6uvIB4ruFue201kNZSsMLv-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.zappiehost.com/repo/ZAPPIE-RPKI/2/AS202952.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:1b90::/44
Signature Algorithm: sha256WithRSAEncryption
b1:bf:11:4d:2b:46:2d:a3:69:6d:47:3f:df:6f:60:94:38:0c:
fd:90:91:d6:5f:75:2e:21:99:b1:06:26:cd:09:28:ff:87:50:
87:aa:ee:a8:c6:ba:1a:4d:86:dd:cd:44:05:24:7b:e6:34:0c:
f3:c0:2d:8f:8f:62:b7:ff:f7:c0:fe:7e:5c:ec:dc:0f:8f:ed:
51:97:33:f0:39:c6:a5:a1:f5:85:f2:0f:bd:47:78:4b:c6:36:
ff:d2:79:59:56:13:28:16:a4:7c:e9:ac:59:ce:34:ad:73:cf:
01:df:24:66:34:6a:fe:a7:1b:64:c7:19:90:68:ae:70:d1:de:
8d:f4:ba:34:9b:cf:09:97:a0:e9:85:9e:67:ab:c1:fe:40:1f:
f0:f8:42:03:32:ac:de:25:7c:0f:1b:0c:da:6e:06:19:b6:92:
26:4b:c0:f5:7f:a3:08:50:ed:1d:04:e9:84:65:f5:1a:7a:79:
78:ca:80:ca:99:7f:4b:61:52:28:3b:01:37:e0:f4:90:90:8e:
b2:b6:76:45:10:24:69:b0:52:b1:9f:ff:37:47:e3:2f:ec:87:
18:e9:47:6a:9a:1a:5a:63:20:e7:af:d8:31:48:b6:0b:44:f0:
48:56:24:27:6b:91:f7:08:b0:db:94:73:c3:fb:67:09:04:28:
df:a2:cb:6b
-----BEGIN CERTIFICATE-----
MIIEtTCCA52gAwIBAgIUKsWXuu+A+/NN5zclNdLzMTyPIKQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWJkYmZhYmFmMjAxZTJiYjg1YjllZGI0ZDY0MzU5NGFj
MzBiYmZlMjAeFw0yMjEyMjExNjUxNTRaFw0yMzEyMjAxNjU2NTRaMDMxMTAvBgNV
BAMTKDQ2NERERDFDMjAyMjJBNTgzODE3OEVDREUzNEEyMkFCMEMxQkU1RjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKuaOvjxXHCz/jEHLGTtyvQdZh
EPvRNfeL4rctqQhx+aHQPa847jq2PccqGG3oNS1wKUtcwcocLTmlPuXmKvwC6abb
bDhgqVDtjbj3hvHmBhwL2/3FhDVEjby8XCKof1svjJ7I2atQt2V7gEO5fmrNKJ3M
cgPkQGu6BuuuObMRsOGRLBr2oTD3/erjTIxbdt8ZdKrTdfTQEx7ptYir6MeDWTHa
iayl2mjxBx6LlgPzOppRzpTfbRHhvACNoFfOYvecdMbUtnDnCSy6+PNCfOYakWaY
8fQU/1xBHE1oGTSm5/hTPkz9QnStVH372nUjZL2mi/PsVqm6IixzerYf5CgDAgMB
AAGjggG/MIIBuzAdBgNVHQ4EFgQURk3dHCAiKlg4F47N40oiqwwb5fkwHwYDVR0j
BBgwFoAUq9v6uvIB4ruFue201kNZSsMLv+IwDgYDVR0PAQH/BAQDAgeAMGwGA1Ud
HwRlMGMwYaBfoF2GW3JzeW5jOi8vcnBraS56YXBwaWVob3N0LmNvbS9yZXBvL1pB
UFBJRS1SUEtJLzIvQUJEQkZBQkFGMjAxRTJCQjg1QjlFREI0RDY0MzU5NEFDMzBC
QkZFMi5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jw
a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3E5djZ1dklCNHJ1RnVlMjAx
a05aU3NNTHYtSS5jZXIwVwYIKwYBBQUHAQsESzBJMEcGCCsGAQUFBzALhjtyc3lu
YzovL3Jwa2kuemFwcGllaG9zdC5jb20vcmVwby9aQVBQSUUtUlBLSS8yL0FTMjAy
OTUyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/
BBMwETAPBAIAAjAJAwcEKgagBRuQMA0GCSqGSIb3DQEBCwUAA4IBAQCxvxFNK0Yt
o2ltRz/fb2CUOAz9kJHWX3UuIZmxBibNCSj/h1CHqu6oxroaTYbdzUQFJHvmNAzz
wC2Pj2K3//fA/n5c7NwPj+1RlzPwOcalofWF8g+9R3hLxjb/0nlZVhMoFqR86axZ
zjStc88B3yRmNGr+pxtkxxmQaK5w0d6N9Lo0m88Jl6DphZ5nq8H+QB/w+EIDMqze
JXwPGwzabgYZtpImS8D1f6MIUO0dBOmEZfUaenl4yoDKmX9LYVIoOwE34PSQkI6y
tnZFECRpsFKxn/83R+Mv7IcY6UdqmhpaYyDnr9gxSLYLRPBIViQna5H3CLDblHPD
+2cJBCjfostr
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:22:06 2025 by rpki-client